package com.example.config;


import com.example.service.MyUserService;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;

import javax.annotation.Resource;

@Configuration
public class MyWebConfig extends WebSecurityConfigurerAdapter {
    // bean
    @Resource
    private MyUserService myUserService;

    @Override
    protected void configure(HttpSecurity http) throws Exception {

        http.formLogin().loginPage("/index.html")//登录的页面
                .loginProcessingUrl("/usrlogin")//跟登录页面中的usrlogin对应
                .usernameParameter("username")//自定义的username和password
                .passwordParameter("password")
                .defaultSuccessUrl("/success.html") // 默认的成功之后的页面
                .and().authorizeRequests().antMatchers("/","/index.html","/login").permitAll()
//               .and().authorizeRequests().antMatchers("/test").hasRole("admin")
                .and().authorizeRequests().anyRequest().authenticated()//需要认证
                .and().logout().logoutUrl("/logOut").logoutSuccessUrl("/index.html").permitAll()
                .and().csrf().disable();

    }

    @Override
    protected void configure(AuthenticationManagerBuilder auth) throws Exception {

        auth.userDetailsService(myUserService).passwordEncoder(getPasswordEncoder());

    }


    @Bean
    public BCryptPasswordEncoder getPasswordEncoder(){

        return new BCryptPasswordEncoder();
    }

    //    @Override
//    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
//
//        // 密码加密
//        PasswordEncoder passwordEncoder = new BCryptPasswordEncoder();
//        String encode = passwordEncoder.encode("zyh");
//
//        //数据加入内存当中
//        auth.inMemoryAuthentication()
//                .passwordEncoder(passwordEncoder)
//                .withUser("zyh")
//                .password(encode)
//                .roles("admin");
//
//    }

//    @Override
//    protected void configure(HttpSecurity http) throws Exception {
//        http.formLogin().loginPage("/index.html")// 自定义的登录的页面
//                .loginProcessingUrl("/usrlogin") //
//                .usernameParameter("myname")// index.html  /login
//                .passwordParameter("mypwd")
//                .defaultSuccessUrl("/success.html") // 默认的成功之后的页面
//
//                .failureForwardUrl("/error.html").permitAll()
//                .and().authorizeRequests().antMatchers("/","/index.html","/login").permitAll() // 、login不需要拦截
//                // 有 user的角色  /test    user
//                //.and().authorizeRequests().antMatchers("/test").hasRole("user")//hasAuthority("user")
//                .and().exceptionHandling().accessDeniedPage("/403.html")
//                .and().authorizeRequests().anyRequest().authenticated() // 需要认证
//                .and().logout().logoutUrl("/logOut").logoutSuccessUrl("/index.html").permitAll()
//                .and().csrf().disable();
//
//
//    }


}
